1. Field of the Invention
The present invention relates to a technique for creating a mini time key from a time key with which decryption at a specific time is enabled, and in particular to a technique for reducing the size of the time unit allocated for decryption using a mini time key without a corresponding increase in the number of time keys.
2. Description of the Related Art
In the present invention, a mini time key creation method and a management (transmission and maintenance) method for its use will be explained. Generally, the number of time keys to be managed is increased in order to reduce the unit time allocated for decryption. However, according to the present invention, the unit time can be shortened without a corresponding increase in the number of time keys that are to be managed.
The time key is used for a system to prevent the decryption of data until a specific time has been reached. In this system, a time key manager that manages a time encryption key keeps a time decryption key secret until a specific time, and after that, releases the time decryption key for public use.
In order to shorten the unit time allocated for decryption, many time keys that correspond to the unit time must be created. For a unit time of one day, for example, 365 time keys must be created and managed for one year (a time key for Jan. 16, 1998 or a time key for Jan. 17, 1998). However, for a unit time of one minute, 525,600 time keys must be created and managed for one year (a time key for 10:28 AM on Jan. 16, 1998 or a time key for 10:29 AM on Jan. 16, 1998). As is described, the number of time keys to be managed is normally increased in order to reduce the unit time allocated for decryption. Since a system having the highest security is required for the management of the time keys, the creation of as small as possible number of time keys is desired. Taking into consideration an application that uses a time key, the shorter the unit time is allocated for decryption, the more flexibly can the operation be performed.
A time key employing asymmetric key encryption is described in xe2x80x9cSecure Electronic Sealed-Bid Auction Protocol With Public Key Cryptography,xe2x80x9d M. Kudo, IEICE Trans. Fundamentals Of Electronics, Communications And Computer Sciences, Vol. E81-A, No. 1, 1998. And a time key employing symmetric key encryption is described in xe2x80x9cTime-Lock Puzzles And Timed-Release Crypto,xe2x80x9d R. L. Rivest, A. Shamir and D. A. Wagner, NIT Laboratory For Computer Science, pp. 1-9, 1996 Time-Lock Puzzles. Both references are concerned with the unit time key, and do not teach the method of the present invention whereby a mini time key is created from a unit time key in order to reduce the time unit allocated for decryption without a corresponding increase in the number of time keys.
It is, therefore, one object of the present invention to provide a method and a system for creating a mini time key from a time key.
It is another object of the present invention to provide a method and a system for performing encryption using a mini time key and a unit time key.
It is an additional object of the present invention to provide a method and a system for transmitting a mini time key and a unit time key.
It is a further object of the present invention to provide a method and a system for decrypting encrypted data using a mini time key and a unit time key.
It is still another object of the present invention to provide a time key server with which a user can freely use a mini time key and a unit time key.
It is a still additional object of the present invention to provide a time key management method whereby a time key management function does not have to manage an enormous number of time keys when using a mini time key and a unit time key, and a time key management system.
To achieve the above objects, a plurality of mini time keys are created within a unit time period that correspond to respective subintervals of the unit time period. First, a unit time decryption key is prepared immediately after the unit time period is reached. Then, a mini time key for the last subinterval of the unit time period is created by applying a one-way function to the unit time decryption key. A mini time key for each subinterval before the last subinterval is then created by iteratively applying a one-way function to the mini time key created for the following subinterval, beginning with the last subinterval and ending with the first subinterval of the unit time period. In other words, the mini time keys are created as a timed series arranged in a descending order beginning with the mini time key created for the last subinterval. In this manner, even when a specific mini time key is externally leaked for a specific reason, a mini time key for a later subinterval in a timed series can not be created by using this mini time key. In addition, even when the mini time keys are sequentially published, the security of the unit time decryption key is maintained.
With the above described arrangement, it is possible to build a time key server that is similar to a conventional time server in order to create a unit time key and a mini time key. A user can employ the time key released for public use by the time key server to construct various applications.
For example, a network examination system and an electronic sealed-bid auction system can be constructed. When there are regulations inhibiting reading or the revealing of specific data before a specified time, electronic distribution is made of all of a block of data containing a specific portion that has been encrypted using the time key, and at the specified time, a time decryption key is acquired that can read the contents of the encrypted data.
The time unit employed for the present invention is flexible, i.e., an appropriate time can be selected, such as a unit of one day or a unit of one minute or three minutes. When the mini time key of the present invention is employed, the time key management function does not have to manage a large number of time keys.